<?php
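$db = new Database;
session_start();

// Registration endpoint. It handles two form posts, "saveUser" and
// "saveCompany", and answers with a short status string that the caller
// matches on: "true" on success, otherwise one of the error tokens below.
//
// NOTE(review): every $db->query() call in this file builds its SQL by
// interpolating request data straight into the statement. That is a SQL
// injection risk and should be replaced with bound parameters. The Database
// wrapper's API is not visible from this file, so the queries are left as
// they were; confirm what the wrapper offers and convert them there.

// Read a POST field as a string. A missing key or a non-string value (for
// example an array submitted as field[]) becomes '' so that it is caught by
// the required-field checks instead of raising warnings into the response.
$postField = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Captcha value stored in the session by the captcha generator, normalised
// to a string ('' when absent) so it can be compared without type juggling.
$regCap = (isset($_SESSION['captcha_number']) && is_scalar($_SESSION['captcha_number']))
    ? (string) $_SESSION['captcha_number']
    : '';

if (isset($_POST['saveUser'])) {
    $firstname = $postField('firstname');
    $middlename = $postField('middlename');
    $lastname = $postField('lastname');
    $username = $postField('username');
    $password = $postField('password');
    $rpassword = $postField('rpassword');
    // NOTE(review): the user's e-mail is neither required nor validated here,
    // unlike the company branch below; confirm that this is intended.
    $email = $postField('email');
    $companyCode = $postField('companyCode');
    $captcha = trim($postField('captcha-code'));
    $error = 0;

    if ($firstname === '' || $lastname === '' || $username === '' || $password === ''
        || $rpassword === '' || $companyCode === '' || $captcha === '') {
        echo "empty";
    } elseif (checkstrname($firstname) == "0" || checkstrname($lastname) == "0" || checkstrname($middlename) == "0") {
        echo "error_name";
    } elseif ($password !== $rpassword) {
        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "1e3" and "1000") would be treated as the same password.
        echo "error_pass";
    } elseif (strlen($password) < 5 || strlen($password) > 15) {
        echo "min_max_pass";
    } else {
        // NOTE(review): this lookup answers before the captcha is verified,
        // so the username-availability check is reachable without solving it.
        // Consider verifying the captcha first if the caller tolerates the
        // change in error precedence.
        $numrowsUser = $db->query("SELECT * FROM tbuser where username = '$username' and is_active=1","numrows");
        if ($numrowsUser > 0) {
            echo "user_taken";
        } elseif ($regCap === '' || !hash_equals($regCap, $captcha)) {
            echo "Captcha code doesnt match.";
        } else {
            $numrowsComp = $db->query("SELECT * FROM tbcompany where company_code = '$companyCode' and is_active=1","numrows");
            if ($numrowsComp == 1) {
                $companyID = $db->query("SELECT id FROM tbcompany where company_code = '$companyCode' and is_active=1","row");
                $insert = array(
                    "firstname"=>$firstname,
                    "lastname"=>$lastname,
                    "middlename"=>$middlename,
                    "email"=>$email,
                    "username"=>$username,
                    // NOTE(review): md5() is unsalted and fast, so it is not
                    // suitable for password storage. Moving to
                    // password_hash()/password_verify() has to happen together
                    // with the login code and the column width, neither of
                    // which is visible here, so the stored format is unchanged.
                    "password"=>md5($password),
                    "userlevel_id"=>1,
                    "company_id"=>$companyID['id'],
                    "is_active"=>1,
                    );
                // Write first, report afterwards: the caller must not be told
                // "true" if the insert aborts.
                $db->insert("tbuser",$insert);
                // A solved captcha is single-use; drop it so the same value
                // cannot be replayed for further registrations.
                unset($_SESSION['captcha_number']);
                echo "true";
            } else {
                echo "invalid code";
            }
        }
    }
} elseif (isset($_POST['saveCompany'])) {
    $companyName = $postField('companyName');
    $companyCode = $postField('companyCode');
    $contactNumber = $postField('contactNumber');
    $emailAddress = htmlentities($postField('emailAddress'));
    $primaryContact = $postField('primaryContact');
    $companyAddress = $postField('companyAddress');
    $captcha = trim($postField('captcha-code'));

    if (empty($companyName) || empty($companyCode) || empty($contactNumber) || empty($emailAddress)
        || empty($primaryContact) || empty($companyAddress) || empty($captcha)) {
        echo "empty fields";
    } else {
        // The duplicate-code lookup now runs only after the required-field
        // check, so incomplete requests no longer reach the database.
        $numrowsComp = $db->query("SELECT * FROM tbcompany where company_code = '$companyCode' and is_active=1","numrows");
        if ($numrowsComp > 0) {
            echo "invalid code";
        } elseif (!VerifyMailAddress($emailAddress)) {
            echo "Incorrect email format.";
        } elseif ($regCap === '' || !hash_equals($regCap, $captcha)) {
            echo "Captcha code doesnt match.";
        } else {
            // NOTE(review): companyAddress is required above but is not part
            // of the inserted row; confirm whether tbcompany has a column
            // for it.
            $insertComp = array(
                "company_name"=>$companyName,
                "primary_contact"=>$primaryContact,
                "email_address"=>$emailAddress,
                "contact_number"=>$contactNumber,
                "company_code"=>$companyCode,
                "is_active"=>1,
                );
            // Write first, report afterwards (see the user branch).
            $db->insert("tbcompany",$insertComp);
            // Single-use captcha, as in the user branch.
            unset($_SESSION['captcha_number']);
            echo "true";
        }
    }
}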
?>